Method for providing a program module in a communications system

ABSTRACT

A method provides a program module in a communications system. The program module is made available by a server and is transmitted to a subscriber terminal; a test criterion is then calculated, in each case from the program module and an individual key, both inside a security device and in the subscriber terminal. By comparing the test criteria, it is determined whether the program module has been received with errors by the subscriber terminal.

CROSS REFERENCE TO RELATED APPLICATIONS

[0001] This application is based on and hereby claims priority to PCT application No. PCT/DE01/02735 filed on Jul. 19, 2001 and German Patent No. 100 35 171.9 filed on Jul. 19, 2000, the contents of which are hereby incorporated by reference.

BACKGROUND OF THE INVENTION

[0002] The invention relates to a method for providing a program module in a communications system, in particular in a radio communications system.

[0003] In present-day computer networks, a client/server structure is frequently used in order to provide new software, which is generally also referred to as a software upgrade. This client/server structure is distinguished by a hierarchical structure, with the software being stored in a relatively high-level server computer which provides the required software to client computers, which are connected to the server, when requested by these client computers.

[0004] Against the background of this basic model, which is also referred to as a single server architecture, there are further modified forms in which, for example, a plurality of servers process the requests from a large number of lower-level clients (multi-server architecture). So-called proxy servers may also be used for temporary storage of the software, and these are arranged between the client and the server in the hierarchy. The software which is requested by a client is temporarily stored in the proxy server in this architecture, so that, when it is requested once again by a different client, the software can be requested directly from the proxy server (which is generally located physically closer). This method is used, by way of example, for temporary storage of web pages that are called up frequently on the Internet.

[0005] In radio-based cellular communications networks such as the already existing GSM network (Global System Mobile), the planned UMTS network (Universal Mobile Telecommunications System) as a third generation mobile radio network, or the Hiperlan/2 system as a future wireless LAN system, it is also necessary to carry out software upgrades, for example an upgrade to a WAP (Wireless Application Protocol) browser.

[0006] In this case, the software may be provided either by the manufacturer of a subscriber station, by a network operator, or else by an independent service provider.

[0007] In these methods, the connection between the server and a client is scrambled in order to distribute contents and software and/or program modules in a secure manner. Symmetric or asymmetric methods, such as PGP (Pretty Good Privacy) or SSL (Secure Socket Layer), are used in this case according to the related art. However, these methods have the disadvantage that they cannot prevent the contents and/or the software being modified by network components via which this information is transmitted to the subscriber terminal.

[0008] EP 0813132 A2 describes a method for distributing a program code, in which a trustworthy third party creates a certificate for the program code, which is distributed together with the program code. A receiving system can confirm the integrity of the certificate, and hence also the integrity of the program code, by checking this certificate.

SUMMARY OF THE INVENTION

[0009] One potential object of the invention is thus to create a method for providing program modules in a communications system, which allows secure reception of the program modules by a subscriber station.

BRIEF DESCRIPTION OF THE DRAWINGS

[0010] These and other objects and advantages of the present invention will become more apparent and more readily appreciated from the following description of the preferred embodiments, taken in conjunction with the accompanying drawings of which:

[0011] FIG. 1 shows a block diagram of a communications system, in particular of a radio communications system,

[0012] FIG. 2 shows the transmission of a program module from a server to a subscriber terminal and to a further subscriber terminal,

[0013] FIG. 3 shows the transmission of a program module, as shown in FIG. 2, with a security check according to one aspect of the invention,

[0014] FIG. 4 shows the transmission of a program module from a server to a subscriber terminal with a first security concept option, and

[0015] FIG. 5 shows the transmission of a program module from a server to a subscriber terminal as shown in FIG. 4, with a second security concept option.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

[0016] Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like reference numerals refer to like elements throughout.

[0017] FIG. 1 shows a detail of a radio communications system as an example of a communications system in which the invention can possibly be used. The illustration shows the structure of a HIPERLAN/2 system. A system such as this has a plurality of base stations BS which are connected to an IP-based backbone. These base stations BS are used for assigning radio resources to subscriber terminals UE (user equipment) for routing and transmission of incoming and outgoing data packets (PDU, Packet Data Unit) via a radio interface. The subscriber terminals UE are in this case, for example, in the form of mobile stations or other types of mobile and stationary terminals. Each base station BS supplies radio resources to at least one radio cell Z.

[0018] As is illustrated by way of example in FIG. 1, the subscriber terminal UEb is located outside the radio cell Z of the base station BS. In this case, according to the related art, it would be impossible for this base station BS to supply radio resources to this subscriber terminal UEb. However, signals can be transmitted in the uplink direction UL and the downlink direction DL by using a subscriber terminal UEa, which is located in the supply area of the base station BS, as a relay station to form a so-called multihop system. In this case, the relay station UEa passes on the signals received in the respective transmission direction, for example using the same carrier frequency as the base station BS. As is illustrated by way of example, each relay station UEa, UEc in turn forms a small radio cell, thus enlarging the effective extent of the radio cell Z of the base station BS.

[0019] As has already been described in the introduction, a client/server structure is frequently used in present-day computer networks for providing new software, which is generally also referred to as a software upgrade. This client/server structure is distinguished by a hierarchical structure, with the software being stored in a relatively high-level server computer which provides the required software to client computers, which are connected to the server, when requested by these client computers.

[0020] Against the background of this basic model, which is also referred to as a single server architecture, there are further modified forms in which, for example, a plurality of servers process the requests from a large number of lower-level clients (multi-server architecture). So-called proxy servers may also be used for temporary storage of the software, and these are arranged between the client and the server in the hierarchy. The software which is requested by a client is temporarily stored in the proxy server in this architecture, so that, when it is requested once again by a different client, the software can be requested directly from the proxy server (which is generally located physically closer). This method is used, by way of example, for temporary storage of web pages that are called up frequently on the Internet.

[0021] In radio-based cellular communications networks such as the already existing GSM network (Global System Mobile) or the planned UMTS network (Universal Mobile Telecommunications System) as a third generation mobile radio network, it is also necessary to carry out software upgrades, for example an upgrade to a WAP (Wireless Application Protocol) browser.

[0022] In this case, the software may be provided either by the manufacturer of a subscriber station, by a network operator, or else by an independent service provider.

[0023] If one of the client/server architectures described in the introduction is used for a software upgrade, with the software in this case being stored centrally on servers in the mobile radio network and being transmitted from there to each individual subscriber station, this results in unacceptable waiting times, however, when there are a large number of subscriber stations.

[0024] Furthermore, in mobile communications networks and in contrast to a landline network, it is impossible to associate one subscriber terminal with one access to the network. In consequence, when software is provided centrally by a relatively high-level server (for example by a base station), each subscriber terminal in the communications network must ask the respective server, at regular time intervals, whether there is any new software to download. This produces an additional load.

[0025] One possible way to solve this problem is to provide the software upgrade in the form of a “snowball” system. Each subscriber terminal which is registered in a cell and which has stored the software and/or the program module can transmit this to further subscriber terminals which are registered in that cell. Each subscriber terminal is thus not only a client but also a server. Direct transmission of the software from one subscriber terminal to one or more further subscriber terminals allows the software to be disseminated virtually exponentially. In a corresponding way, the time taken to provide the software to all the subscriber terminals which are registered in a cell can be reduced by several times.

[0026] Also, and advantageously in comparison to a hierarchical client/server system, resources are saved since, at the start of the process, the software can be transmitted from only one server to one subscriber terminal in the communications system, which can then pass on the software to the other subscriber terminals in the system.

[0027] Since the software can be transmitted from one subscriber terminal to a further subscriber terminal on the direct path, and no network device has to carry out any signaling tasks, this also conserves resources.

[0028] However, this method has been found to be subject to a problem in that the respective receiver of a program module can modify this program module, for example after unpacking and installation, before transmitting it to a further subscriber terminal. This manipulation capability is illustrated, by way of example, in FIG. 2.

[0029] A secure connection is set up between a server and a first subscriber terminal UEa. This may be protected, for example, by a known scrambling program. In a first step (1), the first subscriber terminal requests a program module SP (software packet), which is transmitted in a second step (2) to the first subscriber terminal UEa. After unpacking and installation of the program module SP, this program module SP can be manipulated by the first subscriber terminal UEa and can be packed once again, step (4). If a further subscriber terminal UEb now requests the program module from the first subscriber terminal UEa in a fifth step (5), then the first subscriber terminal UEa sends the manipulated program module SP* to the further subscriber terminal UEb, step (6). Installation of this manipulated program module SP*, step (7), which now, by way of example, contains a virus, can disadvantageously lead to malfunctions in the further subscriber terminal UEb.

[0030] This problem can be solved by allocating an individual key PK (private key) to each subscriber terminal UE or to each subscriber, which can be used, for example, to calculate a respective checksum. This key is, for example, stored in a memory device (SIM, UIM) in the subscriber terminal, and is protected against being read without authorization.

[0031] In addition to the storage of the key in the subscriber terminal, this key is stored in a security device. This security device may, for example, be implemented in a corresponding manner to a so-called security box SB, a trust center TC or an authentication center AC, as a component of the communications system or independently of it. The security device is advantageously associated with one respective provider, and provides the program modules. The provider may, for example, be a manufacturer (equipment supplier), operator, service provider, application provider or content provider. An individual key for each of the various providers can be stored in the terminal or in an external memory medium (smart card), which is supplied to the subscriber terminal.

[0032] In addition, the address (E.164, URL, . . . ) may also be stored for routing purposes in the security device, in which case the address may also be stored in the communications system, for example together with the subscriber profile.

[0033] If, by way of example, a program module (software update) is transmitted in unscrambled form or in scrambled form from a manufacturer (Siemens AG) or the manufacturer's server to the subscriber terminal, then, after receiving the program module, the subscriber terminal uses an appropriate key (from the manufacturer) in order to calculate a checksum from that key and the program module. This calculated checksum is transmitted to the manufacturer's or the communications system's security device. In addition, in this case, the subscriber identification may also be transmitted in order to identify the subscriber or the subscriber terminal. This subscriber identification may, in a mobile radio system by way of example, be the IMEI (International Mobile Equipment Identity) or, in some other communications system, a unique symbolic name, for example the e-mail address. In the same way, the address of the provider can also be stored in the subscriber terminal, together with the key.

[0034] The security device uses the stored key and the program module, which has likewise been received from the server, to calculate a checksum in the same way. The respective checksum which is calculated in the security device and that which is calculated in the subscriber terminal are then compared. If the checksums match, then the program module has been received without any corruption by the subscriber terminal and can subsequently be installed in the subscriber terminal, after confirmation by the security device. If, on the other hand, the checksums do not match, then the subscriber station has received a program module with errors, or a corrupted program module. The subscriber terminal then does not install the program module and, possibly, signals to the security device the source or the subscriber terminal from which it received this program module. The user of the security device can then, if required, take suitable steps with regard to the faulty source, such as blocking that subscriber terminal.

[0035] The method described above offers, inter alia, the following advantages:

[0036] possible use of security algorithms, as are already nowadays used for subscriber authentication in mobile radio systems, for checking that received program modules have no errors,

[0037] possible use of terminal-specific information, such as the IMEI, for checking that received program modules have no errors,

[0038] a known SSL mechanism may be used for passing on program modules, provided that this is desired by the issuing authority, and

[0039] the SSL mechanism can likewise be used for distribution of the keys for checksum calculation, if the key in the subscriber terminal is intended to be updated from time to time, in order to improve security.

[0040] Based on FIG. 2, FIG. 3 shows how a security concept can be implemented in the described environment. In a first step (1), a first subscriber terminal UEa requests a program module SP, which is transmitted in a second step (2) from the server S to the first subscriber terminal UEa. In a third step (3), a first checksum CSa is calculated in the first subscriber terminal UEa based on the program module SP and a first terminal-specific or subscriber-specific key PKa. This calculated checksum CSa is sent to the security device TC/SB, where it is compared with a checksum CSa calculated in the same manner in an initial step (0). In this case, the checksum may be transmitted to the security device in a scrambled form. If the security device TC/SB confirms that the checksums are identical, then it signals this fact to the first subscriber terminal UEa, which then installs the program module SP in a fifth step (5).

[0041] If, in a sixth step (6), a second subscriber terminal UEb now requests the program module SP from the first subscriber terminal UEa, then the first subscriber terminal transmits the program module SP* to the second subscriber terminal UEb in a seventh step (7). In a corresponding way to the third step (3), a second checksum CSb is calculated in the second subscriber terminal UEb, in an eighth step (8), based on the program module SP* and a second terminal-specific or subscriber-specific key PKb, and this is then transmitted to the security device TC/SB, step (9), where the checksums CSb are once again compared. Once it has been confirmed that the checksums CSb match, the program module SP* is installed in the second subscriber terminal UEb in a tenth step (10).
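The following is an added simulation of the checking flow of paragraphs [0033]-[0034] and of the S → UEa → UEb sequence of FIG. 3; it is not code from the patent. The key names PKa/PKb, the module bytes and the identifiers are constructed, and HMAC-SHA256 over a SHA-256 "sum" of the module (the two-stage form of FIG. 4) stands in for the checksum algorithm, which the patent leaves open.

```python
import hashlib
import hmac

# Constructed sample values: per-terminal keys shared between each terminal's
# SIM/UIM and the security device, and one program module SP.
PK_A = b"constructed-key-PKa-for-terminal-UEa"
PK_B = b"constructed-key-PKb-for-terminal-UEb"
PROGRAM_MODULE_SP = b"SP: constructed WAP browser upgrade, version 1.0"


def sum_of(module):
    """The 'sum' Sum of FIG. 4 step (1); SHA-256 is an assumed choice."""
    return hashlib.sha256(module).digest()


def checksum(key, module):
    """Checking criterion CS = f(key, Sum); HMAC-SHA256 is an assumed stand-in."""
    return hmac.new(key, sum_of(module), hashlib.sha256).digest()


class SecurityDevice:
    """TC/SB (or central device NE): holds the terminals' keys and the
    reference copy of SP that it received directly from server S."""

    def __init__(self, keys):
        self.keys = dict(keys)
        self.reference_sp = b""
        self.blocked = set()  # sources reported as faulty (paragraph [0034])

    def receive_from_server(self, module):
        self.reference_sp = module  # step (0): CS can now be precomputed here

    def verify(self, terminal_id, reported_cs, source_id):
        """terminal_id plays the role of the IMEI/subscriber identification
        sent with the checksum; source_id is who delivered SP to the terminal."""
        expected = checksum(self.keys[terminal_id], self.reference_sp)
        ok = hmac.compare_digest(expected, reported_cs)
        if not ok:
            self.blocked.add(source_id)  # mismatch: note the faulty source
        return ok


class Terminal:
    """Subscriber terminal UE: installs only after confirmation, then may
    pass the module on to further terminals (snowball system)."""

    def __init__(self, terminal_id, key):
        self.terminal_id = terminal_id
        self.key = key
        self.installed = None

    def receive(self, module, source_id, sd):
        cs = checksum(self.key, module)                  # steps (3)/(8)
        if sd.verify(self.terminal_id, cs, source_id):   # steps (4)/(9)
            self.installed = module                      # steps (5)/(10)
            return True
        return False

    def pass_on(self, altered=False):
        """Step (7): forward the module; altered=True models SP* of FIG. 2."""
        return self.installed + b"#changed" if altered else self.installed


def run_snowball(altered_relay):
    """S -> UEa -> UEb as in FIG. 3; returns (UEa installed, UEb installed, blocked)."""
    sd = SecurityDevice({"UEa": PK_A, "UEb": PK_B})
    sd.receive_from_server(PROGRAM_MODULE_SP)
    uea, ueb = Terminal("UEa", PK_A), Terminal("UEb", PK_B)
    a_ok = uea.receive(PROGRAM_MODULE_SP, "S", sd)             # steps (1)-(5)
    b_ok = ueb.receive(uea.pass_on(altered_relay), "UEa", sd)  # steps (6)-(10)
    return a_ok, b_ok, sorted(sd.blocked)


if __name__ == "__main__":
    print(run_snowball(altered_relay=False))  # (True, True, [])
    print(run_snowball(altered_relay=True))   # (True, False, ['UEa'])
```

Because each terminal's CS is keyed with its own PK, the security device must know which terminal (or subscriber) is reporting, which is why the patent sends the IMEI or another identification along with the checksum.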

[0042] FIG. 4 will now be used by way of example to explain how known security components of a mobile radio system can advantageously be used for the method. In a first step (1), a sum Sum is calculated from a program module SP in a device, using a known method. The device may in this case be incorporated in the security device SB, in the case of a mobile radio system, by way of example, in the central authentication center AC, or separately from the security device SB. A compressed program module may also be defined, by way of example, as the sum Sum. In a second step (2), a checksum CSc is calculated by the standardized key PKc (kc), in which case the calculation can be carried out in a corresponding manner to the calculation of RES and SRES in the GSM mobile radio system. The sum Sum and the checksum CSc are then transmitted to a central device NE in the communications system, for example to the HLR (Home Location Register) or to the VLR (Visitor Location Register). In addition to this information, the respective information item or an indicator relating to the program module SP and/or in relation to the subscriber terminal UEc or to the subscriber can be transmitted to the central device NE.

[0043] A sum is produced from the program module SP in the same way in the subscriber terminal UEc, and a checksum CSc is calculated from the sum and the key PKc. The checksum CSc is then transmitted in a fourth step (4) to the central device NE, with an indicator for the received program module SP likewise also being transmitted. If the central device NE finds a match between the stored checksum CSc and the checksum CSc transmitted by the subscriber terminal UEc, then the program module SP can be installed in the subscriber terminal UEc, after appropriate confirmation from the central device NE.

[0044] FIG. 5 shows an implementation of the security concept as an alternative to that shown in FIG. 4. In this case, in contrast, the checksum CS is calculated from the determined sum Sum and from the IMEI (International Mobile Equipment Identity), which is known from the GSM mobile radio system. The IMEI is used to calculate the checksum CS in the same way in the subscriber terminal UEc. In this case, by way of example, the EIR (Equipment Identification Register) may also be used as the central device NE for carrying out the comparison of the checksums CS, since the key which is used is terminal-specific.

[0045] The invention has been described in detail with particular reference to preferred embodiments thereof and examples, but it will be understood that variations and modifications can be effected within the spirit and scope of the invention.

1. A method for providing a program module (SP) in a communications system, in which the program module (SP) is made available by a server (S), the program module (SP) is transmitted to a subscriber terminal (UEa, UEc), a checking criterion (CSa) is in each case calculated in a security device (TC, SB, AC) and in the subscriber terminal (UEa, UEc) by means of the program module (SP) and an individual key (PKa, PKc) of the subscriber terminal (UEa, UEc) or of a corresponding subscriber, the individual key (PKa, PKc) in the security device (TC, SB, AC) and in the subscriber terminal (UEa, UEc) is identical, and the checking criteria (CSa, CSc) are compared in order to determine whether the program module (SP) has been received with errors by the subscriber terminal (UEa, UEc).
2. The method as claimed in claim 1, in which a scrambling method is used for the transmission of the program module (SP) to the subscriber terminal (UEa, UEc).
3. The method as claimed in claim 1 or 2, in which the program module (SP) is installed in the subscriber terminal (UEa, UEc) only if it has been received without errors.
4. The method as claimed in one of the preceding claims, in which the program module (SP) which is received by the subscriber terminal (UEa, UEc) is transmitted to a further subscriber terminal (UEb), with a further key (PKb) and a calculation of a further checking criterion (CSb) being used to determine whether the program module (SP) has been received without any errors by the further subscriber terminal (UEc).
5. The method as claimed in one of the preceding claims, in which, in the situation where the program module (SP) has been received with errors, an identifier of the sender of the program module (SP) is stored in the security device (TC, SB, AC).
6. The method as claimed in one of the preceding claims, in which the key (PKa, PKb, PKc) is defined on a terminal- or subscriber-specific basis.
7. The method as claimed in one of the preceding claims, in which the key (PKa, PKb, PKc) is stored in the security device (TC, SB, AC).
8. The method as claimed in one of the preceding claims, in which the comparison of the checking criteria (CSa, CSb, CSc) is carried out in a central device (NE, HLR, EIR) in the communications system, with the checking criterion (CSa, CSb, CSc) which is determined in the subscriber terminal (UEa, UEb, UEc) being transmitted to the central device (NE, HLR, EIR).
9. The method as claimed in one of the preceding claims, in which, together with the checking criterion (CSa, CSb, CSc), the subscriber terminal (UEa, UEb, UEc) transmits a program module identifier relating to the central device (NE, HLR, EIR).
10. The method as claimed in one of the preceding claims, in which the communications system is in the form of a cellular radio communications system, and the subscriber terminal (UEa, UEb, UEc) is in the form of a stationary or mobile radio station.
11. A communications system having a server (S), having a security device (TC, SB, AC) and having a subscriber terminal, in which the server (S) is designed such that it makes a program module (SP) available, a device is designed such that it transmits the program module (SP) to the subscriber terminal (UEa, UEc), the security device (TC, SB, AC) and the subscriber terminal (UEa, UEc) are designed such that they use the program module (SP) and an individual key (PKa, PKc) of the subscriber terminal (UEa, UEc) or of a corresponding subscriber to in each case calculate a checking criterion (CSa), with the individual key (PKa, PKc) in the security device (TC, SB, AC) and in the subscriber terminal (UEa, UEc) being identical, and a central device (NE) being designed such that it uses a comparison of the checking criteria (CSa, CSc) to determine whether the program module (SP) has been received with errors by the subscriber terminal (UEa, UEc).